Marc Stern

icon location Belgium icon location Working in Cyber Security for 20+ years. WAF, Crypto, eID, IAM, SSDLC, Confidential Computing, ...

Results 153 comments of Marc Stern

base64Decode behaviour against payload which contain + and /

The only clean solution is to have 2 url decode transformation, one for URL and one for payload

CI improvement: First check syntax & always display error.log

replaced by https://github.com/owasp-modsecurity/ModSecurity/pull/3190

Mod_security IPV6 ipMatchFromFile not working as expected.

@ipMatchFromFile and @ipMatch code (same code in v2 & v3) becomes buggy from a certain number of IP. Nobody knows where this code comes from, so it's very difficult to...

Removed code for SecStatusEngine

My bad: - SecStatusEngine is obsolete as there's no more server to receive this info. - SecRemoteRules isn't obsolete as someone may have created a server to deliver config files...

Removed code for SecStatusEngine

I re-introduced the code for SecRemoteRules & SecRemoteRulesFailAction

feat: Allow `multipart/mixed` request with special "OData batch" structure

Even if it cannot be parsed, nothing forbids you to add this Content-Type to the allowed ones for your environment

Passing address of lock instead of lock in acquire_global_lock()

This now passed all my non-regression tests (thousands of requests)

Passing address of lock instead of lock in acquire_global_lock()

replaced by https://github.com/owasp-modsecurity/ModSecurity/pull/3188

Build error related to APR in config.c

'rootpath' must indeed be 'const'. Note that 'rootpath' is used later for a totally different treatment - see if (APR_ERELATIVE == status). This should use another non-const variable.

Build error related to APR in config.c

Would a cast be sufficient (for both parameters)? @Marcool04 Can you test this?